Svchoste.exe Sucks!! :-p

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Lisztman, Nov 1, 2004.

  1. Lisztman

    Lisztman Private E-2

    i have been trying and trying and trying to remove svchoste.exe from my family's computer for about a month or so now. i believe it was initially obtained from the "bestfriends.scr" spyware that my sister foolishly clicked on and installed. i have used all the programs out there that exist for removing AIM based viruses, and for the most part, the computer has been secured. however, no matter how many times i try to use hijackthis to remove svchoste.exe from the computer, it still comes back, again and again. i still have not been able to access taskmanager or regedit without running my renamed taskmanager program and ending svchoste. i have also turned off the "system restore" function that goes with windows XP. and yet, the program still comes back. also, i have noticed that either either a norton or windows virus reporting program fails upon startup. i have also removed a svchoste.exe prefetch that was on the computer. still the process returns. i am at a loss. here is my hijack log before the removal, and then the hijack log after i remove them:


    Edit by chaslang: Two unrequested inline logs deleted.


    i hope SOMEONE can pleeeeze help me!

    thanks :)

    Lisztman
     
    Last edited by a moderator: Nov 1, 2004
    Lisztman, Nov 1, 2004
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Hijackthis is the last step not the first. The below steps must be performed first. Please do not post HJT logs unless we ask for them and then follow the guidelines on where to install it and how to post them as text file attachments. Read the sticky threads.

    You should follow ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal
    If you already have any of the programs linked in the tutorial please double check your version to make sure you have the latest one and that you have any/all updates for the programs.

    NOTE: In order to resolve the issues you are having it is very important that you at least try to perform all the steps as outlined. If you have any difficulty please post back letting us know what steps you have completed, what you found while doing the scans if anything and details about any problems you have encountered in completing the steps. The more details you can provide the better.
     
    chaslang, Nov 1, 2004
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    By the way, did you delete the file (in safe mode) after fixing the line in HJT?
     
    chaslang, Nov 1, 2004
    #3
  4. Lisztman

    Lisztman Private E-2

    wow... that was a fast reply!! :p

    i had already done all of those when i first came upon this site. however, i did them all again just in case, and it seems that it might have been in one of the updates. in other words.. i think its fixed. i believe that my sister's account is all safe and everything now. im going to try and check all the accounts one by one now just in case it might be hidden in one of them somehow (thats the only way that i can figure it lasted for so long)

    thanks,

    Lisztman
     
    Lisztman, Nov 1, 2004
    #4
  5. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome Lisztman!


    That's why we keep pushing for everyone to download the versions in our links and always check for updates. It can make a big difference.

    FYI. In the future, if you have problems and come back always indicate what you have already tried. Be specific and say something like I have run ALL the steps in the < READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal > . You will save yourself and us time in getting problems resolved.
     
    chaslang, Nov 2, 2004
    #5
  6. Lisztman

    Lisztman Private E-2

    guess what! its back. :-(

    all of the programs listed did not help. bascially, everything was working fine until my dad got on the computer and signed onto his screen name. then the whole cycle started again. i believe that it copies itself to all of the registries of users in the computers and then if someone removes that process, it just recopies itself when someone else signs on.

    yup.. like i said. svchoste.exe suck!!!

    Lisztman
     
    Lisztman, Nov 3, 2004
    #6
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    For multiple user PCs, you need to run the procedures on all accounts to make sure every trace of the problems are clean up. Do that now. Then later we may need to work an HJT log (one at a time) for each user account.
     
    chaslang, Nov 3, 2004
    #7

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds